Opinions & Analysis

24 hours ago, the internet was ablaze with talk of a “second leaker” being identified by the FBI.   The second leaker, whom cryptographer Bruce Schneier actually deemed to be the third leaker (behind Edward Snowden and the person passing secrets about the Angela Merkel surveillance story, the TAO catalog and the X-KEYSCORE rules), was suggested at the end of the documentary Citizen Four in a conversation between Snowden and journalist Glenn Greenwald.   I attended a private screening of the documentary last...

Data breaches through insiders—or trusted employees, contractors and vendors who have access to your network—are becoming more and more common.   For example, the recent JP Morgan breach began when hackers compromised one employee’s username and password to a web development server. The major breach at US retailer Target started when hackers stole credentials from an HVAC vendor who connected to Target’s network for invoicing and billing purposes.   Once these hackers established a beachhead...

The problem of suspicious user activity identification is still a hot topic, widely discussed by IT community. The recent Verizon Data Breach Investigations Report gives food for thought, revealing that 88 per cent of insider misuse incidents are the result of privilege abuse.   The report sets a task for businesses of all sizes to establish user activity monitoring as a mandatory measure that ensures integrity of sensitive business data. However, the ethical aspect of...

There has been much smirking and finger pointing recently - with the FBI left and centre.   As reported by IT Security Guru a few weeks ago, FBI Director  James Comey was very vocal in criticising unbreakable encryption on smartphones saying such capabilities allow users to “place themselves beyond the law”.   So, imagine my surprise to discover this week that nestled among the smartphone safety tips promoted by said agency, the FBI itself recommends...

Currently, there's a lot of talk about "pass-the-hash" (PtH) attacks.   PtH attacks are based on exploiting vulnerabilities in the Windows Lan Manager (LM) and Windows NT Lan Manager (NTLM) authentication systems. Therefore, any Windows system is vulnerable to PtH attacks, which are very difficult to defend against because it only takes one misconfigured computer, or a computer missing a single security patch in a Windows domain, for an attacker to find a way in....

Thought for the weekend... This week the security world was hit by vulnerability after vulnerability after vulnerability. Or at least that’s what it felt like. We’d barely finished with the news that another retailer, Kmart, had suffered a breach before Sandworm started burrowing through defences, POODLE ran amok and finally we ended the week being hit by DrupAgeddon! In the middle of all of this were reports that Snapchat and Dropbox were hacked – a...

Around 24 hours since the POODLE bug hit the internet and the headlines, the severity of the flaw has made this the new most talked about flaw of the moment. POODLE, short for “Padding Oracle On Downgraded Legacy Encryption”, affects the 15 year old SSL v3 protocol, which Gavin Millard, Tenable's technical director for EMEA, said was common in browsers for backwards compatibility, but the reality is that it is difficult to exploit and requires some...

This week I have been more out of the UK than in it as I attend the ISSE and Black Hat Europe conferences.   However, to the delight of this writer, there has been no shortage of security news to keep me hunched over my laptop. One such story surrounded the apparent leaking of usernames and passwords from file-sharing website andscourge of IT staff and privacy campaigners, Dropbox.   Many news websites and expert comments claimed...

On the 3rd of October 2014, I was honoured to be involved as a Keynote at the ISACA Ireland Breaking Down the Silos event – an event which was very refreshing, and a resounding success born out of the hard work and effort of the ISACA Ireland team.   Like all such events, it is always hard to get the numbers, but in this case they exceeded expectations reaching close to 300 delegates in the Conference...

At the start of this week I met with the co-founder and CTO of Lastline, who claimed that the industry needs something better than Virus Total.   Giovanni Vigna, co-founder and CTO of Lastline, said that Virus Total is “the wrong tool” and that the industry needs something better.   He said: “I think that this is something that the security community has already acknowledged and the anti-virus companies know that we need to go beyond...